Mailinglist Archive: opensuse-virtual (17 mails)

< Previous Next >
Re: [opensuse-virtual] How to correctly configure mitigation of CVE-2018-3646 'Foreshadow-NG (VMM)' on Xen Dom0 host?
On 4/14/19 9:28 PM, Tony Su wrote:
You first need to provide source for your spectre-meltdown checker,

this is an Opensuse pkg, sourced from the Opensuse security repo,

referenced re: Spectre mitigation, e.g., here:

It's my understanding that openSUSE installs microcode patches during
every bootup including Spectre and Meltdown mitigations.

It depends on kernel/hypervisor configuration & available/installed microcode

That's the point of my post -- the correct configuration.

only those processors can be patched "properly."

As mentioned, my CPU is

Intel(R) Xeon(R) CPU E3-1220 v3 @ 3.10GHz

Per intel's "microcode update guidance"

the suite of Haswell Xeon v3 Processors, including:

E3-1220V3, E3-1225V3, E3-1230LV3, E3-1230V3, E3-1240V3, E3-1245V3,
E3-1270V3, E3-1275LV3, E3-1275V3, E3-1280V3, E3-1285LV3, E3-1285LV3, E3-1285V3

are supported in production updates, with the latest available firmware data
files @:
To unsubscribe, e-mail: opensuse-virtual+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-virtual+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation